Protect yourself from Java-based malware

(LiveHacking.Com) – The onslaught of Java vulnerabilities doesn’t seem to be abating. Recently we have seen malware successfully exploiting different Java bugs from the CVE-2012-0507, the AtomicReferenceArray type-confusion vulnerability, to the newly found type-confusion vulnerability CVE-2012-1723. Both vulnerabilities have been actively exploited.

A type-confusion is a vulnerability that occurs when the type safety checks, built into the Java Runtime Environment, fail to verify wrong types supplied to instructions expecting a different type. This is very dangerous as, if exploited correctly, it allows the program to access methods that are not supposed to be available to it and ultimately it leads to a Sandbox compromise.

There have been calls for users to remove Java from their PCs unless it is absolutely necessary. “I’ve repeatedly encouraged readers to uninstall this program,” said Brian Krebs former in house security expert for The Washington Post. “Not only because of the constant updating it requires, but also because there seem to be a never-ending supply of new exploits available for recently-patched or undocumented vulnerabilities in the program.”

If you need to keep Java on your machice then the most effective measure against these vulnerabilities is by keeping your Java version up to date. To check the version of JRE your browser is running, use this link. You will then be prompted if you need to upgrade your Java version.

You can also disable your current Java Plug-in temporarily to prevent being vulnerable to Java-based threats. For Windows systems, go to “Control Panel” and select “Java”. When the “Java Runtime Environment Settings” dialog box appears, select the “Java” tab. From there, click the “View” button. You will see a list of the currently installed versions of Java. Uncheck the “Enabled” check box to disable that installation from being used by Java Plug-in and Java Web Start. Oracle has a detailed description these setting here.